Blog post

Security Planning Guide for 2013

By Anton Chuvakin | November 02, 2012 | 0 Comments


Our team (specifically Ramon Krikken | Phil Schacter | Eric Maiwald | Dan Blum | Mario de Boer | Anton Chuvakin)  has just released an annual security planning guide: “2013 Planning Guide: Security and Risk Management.” Every GTP customer should go and read it! It’s abstract states that “The Nexus of Forces brings great opportunities and risks. This Planning Guide provides information security and risk teams with invaluable insights for prioritizing security and risk projects in 2013.”

In the guide, our team tackles the following topics:

Here are a few fun quotes:

  • “Gartner has identified the effects of the Nexus of Forces — information, social, mobile and cloud — as the key macro trends driving IT and information security in 2013.” […] The impetus and nature of these trends are described in more detail in "2013 Professional Effectiveness Planning Guide: Coming to Terms with the Nexus of Forces."
  • “Building controls that work with a variety of endpoints, cloud services, and hybrid IT means focusing on agile security programs and architecture, which includes monitoring as an important component.” […] “in an increasingly hybrid IT and mobile world, monitoring must see farther beyond the walls, farther above the infrastructure layers and deeper into the application context.”
  • “Other continuing security market drivers are the effects of general volatility on security, a more dangerous threat landscape, complex and evolving regulatory standards of protection, consumerization and mobility, and the ongoing transformative effects of cloud computing.”
  • “Security information and event management (SIEM) solutions are vital as the hub for security monitoring, but other tools such as DLP and database audit and protection (DAP) are needed. Enterprises must prioritize goals and operationalize monitoring to make it effective.”
  • “Implement alert triage and report review processes, and commit people to executing them. Bulk up the gaps with dedicated service providers or tool vendor professional services.”

Finally, I know that some of my esteemed blog readers are upset that I occasionally post links to materials requiring various forms of Gartner subscriptions. Well…mmm…get a subscription already!

Related posts:

Comments are closed